SlideShare a Scribd company logo

Nhs dealing with cyber threat

Download as PPTX, PDF
Shikoh Khan
Shikoh Khan

A look at the aspects of cyber-threats and IT security within NHS.

Technology
1 of 17
Shikoh Khan July 12, 2016
 Malicious with catastrophic consequences  Catastrophic but not Malicious  Malicious but harmless  Harmless and not malicious Catastrophic Harmless MaliciousNon Malicious
Threats Vulnerabilities • Humans / Experts • Viruses / Trojans / Worms • Phishing Attacks • Network Travelling Worms • Advanced Persistent Threats • Malware / Ransomware • Password Attacks • Denial of Service Attacks • Humans / Users • Unpatched OS and Software • Mobile computing devices • Portable data storage devices • Identity Protection / Passwords • WiFi Networks • End Point Devices / Servers • Sensitive Data Encryption External / Internal Internal
• Humans • Viruses / Trojans • Phishing Attacks • Network Travelling Worms • Advanced Persistent Threats • Malware / Ransomware • Password Attacks • Denial of Service Attacks Threats Vulnerabilities • Humans • Unpatched OS and Software • Mobile computing devices • Portable data storage devices • Identity Protection • WiFi Networks • Passwords • Sensitive Data Encryption External / Internal Internal
Weak links = Vulnerabilities Which sometimes lead to ….
And that often results in ….
And Finally … Remember This? “Hack of the Century!” Sony Pictures Entertainment 2014
 Human error  Portable Storage and mobile computing  Weak governance  Inadequate network protection  Insecure WiFi networks  Unencrypted sensitive data  Complacency
Secure office Networks
The dispersed mobile office today
 What are the options?  What are the priorities?  Is funding available?  Data Locations: On Premise, 3rd Parties, Cloud  Business Continuity: Security Vs mobility  Right expertise: In-house or Outsourced  Right approach: Tactical or Strategic  Are procedures for Security Incidents clearly documented, communicated and understood?  Ownership and accountability
Risk Analysis Review History Skills Analysis Corporate Policies Technical Analysis Collaborate with Other Trusts Review NHS Guidance 3rd Parties End Users
Analyse Prioritise Plan Execute Educate End Users Protect Endpoint Devices Protect Network Protect Mobile Devices Protect Removable Media Patch All Software Review 3rd Party Data Policies Monitor Stringent Access Controls ClearPolicies
 NHS Suffered 7000 data breaches 2012-2014 ◦ It led to 32 resignations and 1 court case ◦ In 50 cases data shared on social media ◦ NHS hard drives with patient data sold on eBay ◦ 115 occasions – Staff accessed own records ◦ Mostly not deliberate or malicious ◦ Mostly poor training cited as the main reason  To do Nothing is not an Option  Protection of patient data is paramount And the buck stops with YOU!

Recommended

Riverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationRiverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationEconomic Alliance of Kankakee County
 
Information security
Information securityInformation security
Information securitylinalona515
 
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Ravtach Solutions
 
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextPrivacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextLegal Services National Technology Assistance Project (LSNTAP)
 
Threats to information security
Threats to information securityThreats to information security
Threats to information securityarun alfie
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityAIS Network
 
Data Security
Data SecurityData Security
Data SecurityAkNirojan
 

Recommended

Riverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationRiverside Healthcare Accelerate Tech 2016 presentation
Riverside Healthcare Accelerate Tech 2016 presentationEconomic Alliance of Kankakee County
 
Information security
Information securityInformation security
Information securitylinalona515
 
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Ravtach Solutions
 
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextPrivacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextLegal Services National Technology Assistance Project (LSNTAP)
 
Threats to information security
Threats to information securityThreats to information security
Threats to information securityarun alfie
 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber Security Infotech
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityAIS Network
 
Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Cybersecurity 101 final
Cybersecurity 101 finalCybersecurity 101 final
Cybersecurity 101 finalKemper Brown, Jr.
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!Kevin Fisher
 
Securing information systems
Securing information systemsSecuring information systems
Securing information systemsAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
COB4 Computer Crime
COB4 Computer CrimeCOB4 Computer Crime
COB4 Computer Crimeangbeelee
 
9 - Security
9 - Security9 - Security
9 - SecurityRaymond Gao
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
IT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceIT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceJeff Lemmermann
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
MIS-CH08: Securing Information Systems
MIS-CH08: Securing Information SystemsMIS-CH08: Securing Information Systems
MIS-CH08: Securing Information SystemsSukanya Ben
 
Data security
Data securityData security
Data securitySoumen Mondal
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Database forensics
Database forensicsDatabase forensics
Database forensicsDenys A. Flores, PhD
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCapri Insurance
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.pptamuthadeepa
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...David Menken
 
11 Computer Privacy
11 Computer Privacy11 Computer Privacy
11 Computer PrivacySaqib Raza
 
Cyber Risks
Cyber RisksCyber Risks
Cyber RisksRickWaldman
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPace IT at Edmonds Community College
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachGlobal Business Events - the Heart of your Network.
 
ke-1.pptx
ke-1.pptxke-1.pptx
ke-1.pptxAhmadNaswin
 

More Related Content

What's hot

DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!Kevin Fisher
 
COB4 Computer Crime
COB4 Computer CrimeCOB4 Computer Crime
COB4 Computer Crimeangbeelee
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
IT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceIT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceJeff Lemmermann
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
MIS-CH08: Securing Information Systems
MIS-CH08: Securing Information SystemsMIS-CH08: Securing Information Systems
MIS-CH08: Securing Information SystemsSukanya Ben
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCapri Insurance
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.pptamuthadeepa
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...David Menken
 
11 Computer Privacy
11 Computer Privacy11 Computer Privacy
11 Computer PrivacySaqib Raza
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPace IT at Edmonds Community College
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 

What's hot (20)

Cybersecurity 101 final
Cybersecurity 101 finalCybersecurity 101 final
Cybersecurity 101 final
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
 
Securing information systems
Securing information systemsSecuring information systems
Securing information systems
 
COB4 Computer Crime
COB4 Computer CrimeCOB4 Computer Crime
COB4 Computer Crime
 
9 - Security
9 - Security9 - Security
9 - Security
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
 
IT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceIT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 Conference
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
MIS-CH08: Securing Information Systems
MIS-CH08: Securing Information SystemsMIS-CH08: Securing Information Systems
MIS-CH08: Securing Information Systems
 
Data security
Data securityData security
Data security
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 
Database forensics
Database forensicsDatabase forensics
Database forensics
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutions
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 
11 Computer Privacy
11 Computer Privacy11 Computer Privacy
11 Computer Privacy
 
Cyber Risks
Cyber RisksCyber Risks
Cyber Risks
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 

Similar to Nhs dealing with cyber threat

Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesLancope, Inc.
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Pro Mrkt
 
Umphrey hutcherson-ecu-cause2010-rev5
Umphrey hutcherson-ecu-cause2010-rev5Umphrey hutcherson-ecu-cause2010-rev5
Umphrey hutcherson-ecu-cause2010-rev5umphreym
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdfZeeshanMajeed15
 
Think Your Network Is Safe? Check Your Printers
Think Your Network Is Safe? Check Your PrintersThink Your Network Is Safe? Check Your Printers
Think Your Network Is Safe? Check Your Printersscoopnewsgroup
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
How to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's ClothingHow to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's ClothingThinAir
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
iPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementiPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementCisco Mobility
 
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security PitfallsDaniel Rivas
 
Security in the enterprise - Why You Need It
Security in the enterprise - Why You Need ItSecurity in the enterprise - Why You Need It
Security in the enterprise - Why You Need ItSlick Cyber Systems
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and HealthcareJonathon Coulter
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 

Similar to Nhs dealing with cyber threat (20)

Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
 
ke-1.pptx
ke-1.pptxke-1.pptx
ke-1.pptx
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly Breaches
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
 
Umphrey hutcherson-ecu-cause2010-rev5
Umphrey hutcherson-ecu-cause2010-rev5Umphrey hutcherson-ecu-cause2010-rev5
Umphrey hutcherson-ecu-cause2010-rev5
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdf
 
Think Your Network Is Safe? Check Your Printers
Think Your Network Is Safe? Check Your PrintersThink Your Network Is Safe? Check Your Printers
Think Your Network Is Safe? Check Your Printers
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
How to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's ClothingHow to Catch a Wolf in Sheep's Clothing
How to Catch a Wolf in Sheep's Clothing
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
iPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and ManagementiPads on your network? Take Control with Unified Policy and Management
iPads on your network? Take Control with Unified Policy and Management
 
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls
7 Highly Risky Habits of Small to Medium-Sized Nonprofits: IT Security Pitfalls
 
Security in the enterprise - Why You Need It
Security in the enterprise - Why You Need ItSecurity in the enterprise - Why You Need It
Security in the enterprise - Why You Need It
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and Healthcare
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
 

Recently uploaded

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 

Recently uploaded (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 

Nhs dealing with cyber threat

  • 2.  Malicious with catastrophic consequences  Catastrophic but not Malicious  Malicious but harmless  Harmless and not malicious Catastrophic Harmless MaliciousNon Malicious
  • 3. Threats Vulnerabilities • Humans / Experts • Viruses / Trojans / Worms • Phishing Attacks • Network Travelling Worms • Advanced Persistent Threats • Malware / Ransomware • Password Attacks • Denial of Service Attacks • Humans / Users • Unpatched OS and Software • Mobile computing devices • Portable data storage devices • Identity Protection / Passwords • WiFi Networks • End Point Devices / Servers • Sensitive Data Encryption External / Internal Internal
  • 4. • Humans • Viruses / Trojans • Phishing Attacks • Network Travelling Worms • Advanced Persistent Threats • Malware / Ransomware • Password Attacks • Denial of Service Attacks Threats Vulnerabilities • Humans • Unpatched OS and Software • Mobile computing devices • Portable data storage devices • Identity Protection • WiFi Networks • Passwords • Sensitive Data Encryption External / Internal Internal
  • 5. Weak links = Vulnerabilities Which sometimes lead to ….
  • 6.
  • 7. And that often results in ….
  • 8.
  • 9. And Finally … Remember This? “Hack of the Century!” Sony Pictures Entertainment 2014
  • 10.  Human error  Portable Storage and mobile computing  Weak governance  Inadequate network protection  Insecure WiFi networks  Unencrypted sensitive data  Complacency
  • 12. The dispersed mobile office today
  • 13.
  • 14.  What are the options?  What are the priorities?  Is funding available?  Data Locations: On Premise, 3rd Parties, Cloud  Business Continuity: Security Vs mobility  Right expertise: In-house or Outsourced  Right approach: Tactical or Strategic  Are procedures for Security Incidents clearly documented, communicated and understood?  Ownership and accountability
  • 16. Analyse Prioritise Plan Execute Educate End Users Protect Endpoint Devices Protect Network Protect Mobile Devices Protect Removable Media Patch All Software Review 3rd Party Data Policies Monitor Stringent Access Controls ClearPolicies
  • 17.  NHS Suffered 7000 data breaches 2012-2014 ◦ It led to 32 resignations and 1 court case ◦ In 50 cases data shared on social media ◦ NHS hard drives with patient data sold on eBay ◦ 115 occasions – Staff accessed own records ◦ Mostly not deliberate or malicious ◦ Mostly poor training cited as the main reason  To do Nothing is not an Option  Protection of patient data is paramount And the buck stops with YOU!